2 matches found
CVE-2022-31196
Databasir (≤ 1.06) contains a Server-Side Request Forgery (SSRF) vulnerability. An attacker can trigger the issue by sending a single HTTP POST to create a databaseType using a jdbcDriverFileUrl that returns a non-200 response; the executed URL’s response is logged and exposed in the endpoint/dat...
CVE-2022-31196 Server-Side Request Forgery (SSRF) vulnerability in Databasir
Databasir is a database metadata management platform. Databasir = 1.06 has Server-Side Request Forgery SSRF vulnerability. The SSRF is triggered by a sending a single HTTP POST request to create a databaseType. By supplying a jdbcDriverFileUrl that returns a non 200 response code, the url is...